[146465] in cryptography@c2.net mail archive
Re: [Cryptography] Separating concerns
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Thu Aug 29 15:23:09 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <135849E8-3DD7-4356-B79F-D94DF5A8FC77@lrw.com>
Date: Thu, 29 Aug 2013 12:38:17 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Jerry Leichter <leichter@lrw.com>
Cc: =?ISO-8859-1?Q?Far=E9?= <fahree@gmail.com>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============7063654589802152249==
Content-Type: multipart/alternative; boundary=001a11c36942b0910004e518bb8e
--001a11c36942b0910004e518bb8e
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
On Thu, Aug 29, 2013 at 7:15 AM, Jerry Leichter <leichter@lrw.com> wrote:
> On Aug 28, 2013, at 2:04 PM, Far=E9 wrote:
> >> My target audience, like Perry's is people who simply can't cope with
> anything more complex than an email address. For me secure mail has to lo=
ok
> feel and smell exactly the same as current mail. The only difference bein=
g
> that sometime the secure mailer will say 'I can't contact that person
> securely right now because=85'
> >>
> > I agree with Perry and Phill that email experience should be
> > essentially undisturbed in the normal case, though it's OK to add an
> > additional authorization step.
> >
> > One thing that irks me, though, is the problem of the robust, secure
> > terminal: if everything is encrypted, how does one survive the
> > loss/theft/destruction of a computer or harddrive? I'm no ignoramus,
> > yet I have, several times, lost data I cared about due to hardware
> > failure or theft combined with improper backup. How is a total newbie
> > to do?
> This is a broader problem, actually. If you've ever had to take care of
> someone's estate, you'll know that one of the problems is contacting all
> the banks, other financial institutions, service providers, and other suc=
h
> parties they dealt with in life. My experience dealing with my father's
> estate - a fairly simple one - was that having the *paper* statements was
> the essential starting point. (Even so, finding his safe deposit box - I
> had the unlabeled keys - could have been a real pain if my sister didn't
> remember which bank it was at.) Had he been getting email statements, ju=
st
> finding his mail accounts - and getting access to them - could have been =
a
> major undertaking. Which is one reason I refuse to sign up for email
> statements ... just send me the paper, thank you. (This is getting harde=
r
> all the time. I expect to start getting charged for paper statements any
> time now.)
>
> Today at least, my executor, in principle, work with the mail provider to
> get access. But for truly secure mail, my keys presumably die with me, a=
nd
> it's all gone.
>
> You don't even have to consider the ultimate loss situation. If I'm
> temporarily disabled and can't provide my keys - how can someone take car=
e
> of my bills for me?
>
> We can't design a system that can handle every variation and eventuality,
> but if we're going to design one that we intend to be broadly used, we ha=
ve
> to include a way to handle the perfectly predictable, if unpleasant to
> think about, aspects of day to day life. Absolute security *creates* new
> problems as it solves old ones. There may well be aspects to my life I
> *don't* want revealed after I'm gone. But there are many things I *do*
> want to be easily revealed; my heirs will have enough to do to clean up
> after me and move on as it is.
>
> So, yes, we have to make sure we have backup mechanisms - as well as key
> escrow systems, much as the term "key escrow" was tainted by the Clipper
> experience.
>
Systems do need to be usable in practice and too much security can be a bad
thing. I am thinking about 'PRISM Proof' as a hierarchy of needs:
0 No confidentiality requirement
1 Content Confidentiality Passive intercept (met by STARTTLS)
2 Content Confidentiality Active Intercept (met by STARTTLS + validated
recipient server cert)
3 Content Confidentiality Coercion or compromise of Mail service provider
4 Content Confidentiality Coercion or compromise of Trusted Third Party
5 MetaData Confidentiality
6 Traffic Analysis Confidentiality
At present we only have a widely deployed solution for level 1.
The constituency that has a requirement for level 6 is probably very small.
Certainly none of us would benefit. Is is a hard goal or a stretch goal?
It is certainly a desirable goal for people like journalists but the cost
of meeting the requirement may not be acceptable.
At any rate, I think that starting by trying to build something to level 4
would be a good start and provide an essential basis for getting through to
levels 5 and 6.
It might be that to get from level 4 to level 6 the solution is as simple
as 'use a German ISP'.
Since we are talking about Snowden and Greenwald, folk might be amused to
learn that I was the other party who contacted Baghdad Boylen, General
Pertreaus's spokesperson who sent Greenwald a bizarre email which he then
lied about having sent (to me, Greenwald and Petreaus), apparently unaware
that while an email message can indeed be faked, it is improbable that
these particular message headers are faked.
Further, had any such attempted impersonation of Boylan taken place it
would have been a very serious matter requiring urgent investigation. Since
I was never contacted it is clear that no investigation took place which
can only mean that Boylen did send the emails and then lied about sending
them.
http://www.salon.com/2007/10/28/boylan/
If a UK military officer had sent a similar email he would be cashiered.
But then again, in the British army Colonels are not minted by the thousand
as in the US.
--=20
Website: http://hallambaker.com/
--001a11c36942b0910004e518bb8e
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Thu, Aug 29, 2013 at 7:15 AM, Jerry Leichter <span dir=3D"ltr">&=
lt;<a href=3D"mailto:leichter@lrw.com" target=3D"_blank">leichter@lrw.com</=
a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex"><div class=3D"im">On Aug 28, 2013, at 2:04 PM, Far=E9 wrot=
e:<br>
>> My target audience, like Perry's is people who simply can'=
t cope with anything more complex than an email address. For me secure mail=
has to look feel and smell exactly the same as current mail. The only diff=
erence being that sometime the secure mailer will say 'I can't cont=
act that person securely right now because=85'<br>
>><br>
> I agree with Perry and Phill that email experience should be<br>
> essentially undisturbed in the normal case, though it's OK to add =
an<br>
> additional authorization step.<br>
><br>
> One thing that irks me, though, is the problem of the robust, secure<b=
r>
> terminal: if everything is encrypted, how does one survive the<br>
> loss/theft/destruction of a computer or harddrive? I'm no ignoramu=
s,<br>
> yet I have, several times, lost data I cared about due to hardware<br>
> failure or theft combined with improper backup. How is a total newbie<=
br>
> to do?<br>
</div>This is a broader problem, actually. =A0If you've ever had to tak=
e care of someone's estate, you'll know that one of the problems is=
contacting all the banks, other financial institutions, service providers,=
and other such parties they dealt with in life. =A0My experience dealing w=
ith my father's estate - a fairly simple one - was that having the *pap=
er* statements was the essential starting point. =A0(Even so, finding his s=
afe deposit box - I had the unlabeled keys - could have been a real pain if=
my sister didn't remember which bank it was at.) =A0Had he been gettin=
g email statements, just finding his mail accounts - and getting access to =
them - could have been a major undertaking. =A0Which is one reason I refuse=
to sign up for email statements ... just send me the paper, thank you. =A0=
(This is getting harder all the time. =A0I expect to start getting charged =
for paper statements any time now.)<br>
<br>
Today at least, my executor, in principle, work with the mail provider to g=
et access. =A0But for truly secure mail, my keys presumably die with me, an=
d it's all gone.<br>
<br>
You don't even have to consider the ultimate loss situation. =A0If I=
9;m temporarily disabled and can't provide my keys - how can someone ta=
ke care of my bills for me?<br>
<br>
We can't design a system that can handle every variation and eventualit=
y, but if we're going to design one that we intend to be broadly used, =
we have to include a way to handle the perfectly predictable, if unpleasant=
to think about, aspects of day to day life. =A0Absolute security *creates*=
new problems as it solves old ones. =A0There may well be aspects to my lif=
e I *don't* want revealed after I'm gone. =A0But there are many thi=
ngs I *do* want to be easily revealed; my heirs will have enough to do to c=
lean up after me and move on as it is.<br>
<br>
So, yes, we have to make sure we have backup mechanisms - as well as key es=
crow systems, much as the term "key escrow" was tainted by the Cl=
ipper experience.<br></blockquote><div><br></div><div>Systems do need to be=
usable in practice and too much security can be a bad thing. I am thinking=
about 'PRISM Proof' as a hierarchy of needs:</div>
<div><br></div><div>0 No confidentiality requirement</div><div>1 Content Co=
nfidentiality Passive intercept (met by STARTTLS)</div><div>2=A0Content Con=
fidentiality=A0Active Intercept (met by STARTTLS + validated recipient serv=
er cert)</div>
<div>3=A0Content Confidentiality=A0Coercion or compromise of Mail service p=
rovider</div><div>4=A0Content Confidentiality=A0Coercion or compromise of T=
rusted Third Party</div><div>5 MetaData Confidentiality</div><div>6 Traffic=
Analysis Confidentiality</div>
<div><br></div><div>At present we only have a widely deployed solution for =
level 1.</div><div><br></div><div>The constituency that has a requirement f=
or level 6 is probably very small. Certainly none of us would benefit. Is i=
s a hard goal or a stretch goal?</div>
<div><br></div><div>It is certainly a desirable goal for people like journa=
lists but the cost of meeting the requirement may not be acceptable.</div><=
div><br></div><div>At any rate, I think that starting by trying to build so=
mething to level 4 would be a good start and provide an essential basis for=
getting through to levels 5 and 6.</div>
<div><br></div><div>It might be that to get from level 4 to level 6 the sol=
ution is as simple as 'use a German ISP'.</div><div><br></div><div>=
<br></div><div>Since we are talking about Snowden and Greenwald, folk might=
be amused to learn that I was the other party who contacted Baghdad Boylen=
, General Pertreaus's spokesperson who sent Greenwald a bizarre email w=
hich he then lied about having sent (to me, Greenwald and Petreaus), appare=
ntly unaware that while an email message can indeed be faked, it is improba=
ble that these particular message headers are faked.=A0</div>
<div><br></div><div>Further, had any such attempted impersonation of Boylan=
taken place it would have been a very serious matter requiring urgent inve=
stigation. Since I was never contacted it is clear that no investigation to=
ok place which can only mean that Boylen did send the emails and then lied =
about sending them. =A0</div>
<div><br></div><div><a href=3D"http://www.salon.com/2007/10/28/boylan/">htt=
p://www.salon.com/2007/10/28/boylan/</a><br></div></div><div><br></div><div=
>If a UK military officer had sent a similar email he would be cashiered. B=
ut then again, in the British army Colonels are not minted by the thousand =
as in the US.=A0</div>
<div><br></div><div><br></div>-- <br>Website: <a href=3D"http://hallambaker=
.com/">http://hallambaker.com/</a><br>
</div></div>
--001a11c36942b0910004e518bb8e--
--===============7063654589802152249==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============7063654589802152249==--
